3 matches found
CVE-2022-4305 Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session...
CVE-2022-4305 Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session...
CVE-2022-4305
The CVE-2022-4305 entry concerns the WordPress plugin “Login as User or Customer” before version 3.3, which lacks proper authorization checks to prevent logging in as another user. This can allow unauthenticated attackers to obtain a valid admin session, potentially leading to full site compromis...